NetBSD Problem Report #58594
From www@netbsd.org Wed Aug 14 02:46:20 2024
Return-Path: <www@netbsd.org>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
client-signature RSA-PSS (2048 bits) client-digest SHA256)
(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
by mollari.NetBSD.org (Postfix) with ESMTPS id 279791A9242
for <gnats-bugs@gnats.NetBSD.org>; Wed, 14 Aug 2024 02:46:20 +0000 (UTC)
Message-Id: <20240814024619.18C621A9243@mollari.NetBSD.org>
Date: Wed, 14 Aug 2024 02:46:19 +0000 (UTC)
From: campbell+netbsd@mumble.net
Reply-To: campbell+netbsd@mumble.net
To: gnats-bugs@NetBSD.org
Subject: Kernel FIOASYNC/FIOSETOWN/FIOGETOWN protocol is incoherent
X-Send-Pr-Version: www-1.0
>Number: 58594
>Category: kern
>Synopsis: Kernel FIOASYNC/FIOSETOWN/FIOGETOWN protocol is incoherent
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed Aug 14 02:50:00 +0000 2024
>Originator: Taylor R Campbell
>Release: current, 10, 9, ...
>Organization:
The NetBSD SIGIOdation
>Environment:
>Description:
Various drivers implement FIOASYNC/FIOSETOWN/FIOGETOWN in their own ways. The kernel provides fsetown/fgetown/fownsignal(9), but the usage rules aren't clear enough:
1. Is the caller required to serialize these? (Probable answer: yes)
2. Can these be used in interrupt context (or under a spin lock), or in soft interrupt context? (Probable answer: no, but bpf(4) does try to use fownsignal(9) like that.)
3. What happens if the process terminates and the pid/pgid is recycled? (Probable answer: nothing good; I don't see anywhere the kernel might clean up the references, in case the file in question is held by a different process.)
>How-To-Repeat:
code inspection
>Fix:
1. Clarify the man page.
2. Figure out how to deal with cleanup. Maybe provide an opaque `struct fown' data structure for callers to wire up the weak references for concurrent teardown on process termination.
3. Audit all the callers.
(Contact us)
$NetBSD: query-full-pr,v 1.47 2022/09/11 19:34:41 kim Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2024
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.